Zipr++: Exceptional Binary Rewriting

Current software development methodologies and practices, while enabling the production of large complex software systems, can have a serious negative impact on software quality. These negative impacts include excessive and unnecessary software complexity, a higher probability of software vulnerabilities, diminished execution performance in both time and space, and the inability to easily and rapidly deploy even minor updates to deployed software, to name a few. Consequently, there has been growing interest in the capability to do late-stage (i.e., binary-level) software manipulation to address these negative impacts. Unfortunately, highly robust, late-stage manipulation of arbitrary binaries is difficult due to complex implementation techniques and the corresponding software structures. Indeed, many binary rewriters have limitations that constrain their use. For example, to the best of our knowledge, no binary rewriters handle applications that include and use exception handlers, a feature used in programming languages such as C++, Ada, Common Lisp, and ML, to name a few. This paper describes how Zipr, an efficient binary rewriter, manipulates applications with exception handlers and the tables that are required for unwinding the stack. While the technique should be applicable to other binary rewriters, it is particularly useful for Zipr because the recovery of the IR exposed in exception handling tables significantly improves the runtime performance of Zipr'ed binaries: average performance overhead on the full SPEC CPU2006 benchmark is reduced from 15% to 3%.
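The unwind tables the abstract refers to are, on ELF/x86-64 systems, the DWARF call frame information records in .eh_frame: each FDE names a code range (pc_begin, pc_range) plus the rules for recovering the caller's frame at any point in that range. A rewriter that relocates code has to keep those ranges in step with the moved instructions, and the same records expose function boundaries that a rewriter can recover as IR. The Python below is an added illustration and is not code from the Zipr project or this paper: it parses a constructed two-entry .eh_frame (the CIE/FDE layout, the "z", "R", "P" and "L" augmentation letters and the DW_EH_PE pointer encodings are real DWARF conventions; the byte values, the 0x2000 section address and the 0x1000 function address are made up) and rewrites the FDE's pc_begin after the function is moved. It supports only the pointer encodings listed and updates pc_begin alone; a real rewriter must also adjust pc_range, the CFA advance instructions and any LSDA pointers when it changes code layout.

```python
"""Parse and relocate .eh_frame FDE entries over constructed sample data."""
import struct

# DWARF pointer-encoding constants used by .eh_frame (subset handled here).
DW_EH_PE_absptr = 0x00
DW_EH_PE_udata4 = 0x03
DW_EH_PE_udata8 = 0x04
DW_EH_PE_sdata4 = 0x0B
DW_EH_PE_sdata8 = 0x0C
DW_EH_PE_pcrel = 0x10

_FORMATS = {DW_EH_PE_absptr: "<Q", DW_EH_PE_udata4: "<I", DW_EH_PE_udata8: "<Q",
            DW_EH_PE_sdata4: "<i", DW_EH_PE_sdata8: "<q"}


def read_uleb128(data, off):
    """Decode an unsigned LEB128 value; return (value, next offset)."""
    result, shift = 0, 0
    while True:
        byte = data[off]
        off += 1
        result |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            return result, off


def read_encoded(data, off, enc, section_vaddr):
    """Decode a DW_EH_PE-encoded pointer at `off`; pcrel is relative to the field's address."""
    fmt = _FORMATS[enc & 0x0F]
    (value,) = struct.unpack_from(fmt, data, off)
    if enc & 0x70 == DW_EH_PE_pcrel:
        value += section_vaddr + off
    return value, off + struct.calcsize(fmt)


def write_encoded(buf, off, enc, section_vaddr, target):
    """Inverse of read_encoded: store `target` at `off` using encoding `enc`."""
    stored = target - (section_vaddr + off) if enc & 0x70 == DW_EH_PE_pcrel else target
    struct.pack_into(_FORMATS[enc & 0x0F], buf, off, stored)


def parse_eh_frame(data, section_vaddr):
    """Return FDE records as (pc_begin, pc_range, offset of the pc_begin field, encoding)."""
    cies, fdes, off = {}, [], 0
    while off + 4 <= len(data):
        (length,) = struct.unpack_from("<I", data, off)
        if length == 0:                      # terminator entry
            break
        if length == 0xFFFFFFFF:
            raise NotImplementedError("64-bit DWARF .eh_frame entries not handled")
        entry_start, id_off, end = off, off + 4, off + 4 + length
        (cie_id,) = struct.unpack_from("<I", data, id_off)
        if cie_id == 0:                      # CIE: describes the FDEs that point back to it
            p = id_off + 4
            version = data[p]; p += 1
            aug_end = data.index(b"\0", p)
            augmentation = data[p:aug_end].decode(); p = aug_end + 1
            _, p = read_uleb128(data, p)     # code alignment factor
            while data[p] & 0x80:            # data alignment factor (SLEB128), skipped
                p += 1
            p += 1
            if version == 1:                 # return-address register: ubyte in v1, ULEB later
                p += 1
            else:
                _, p = read_uleb128(data, p)
            fde_enc = DW_EH_PE_absptr
            if augmentation.startswith("z"):
                _, q = read_uleb128(data, p)
                for ch in augmentation[1:]:
                    if ch == "R":            # pointer encoding used by this CIE's FDEs
                        fde_enc = data[q]; q += 1
                    elif ch == "P":          # personality routine: encoding byte + pointer
                        penc = data[q]; q += 1
                        _, q = read_encoded(data, q, penc, section_vaddr)
                    elif ch == "L":          # LSDA pointer encoding byte
                        q += 1
            cies[entry_start] = fde_enc
        else:                                # FDE: cie_id is the distance back to its CIE
            enc = cies[id_off - cie_id]
            pc_off = id_off + 4
            pc_begin, p = read_encoded(data, pc_off, enc, section_vaddr)
            pc_range, _ = read_encoded(data, p, enc & 0x0F, section_vaddr)
            fdes.append((pc_begin, pc_range, pc_off, enc))
        off = end
    return fdes


def relocate_fdes(data, section_vaddr, old_start, old_end, new_start):
    """Rewrite pc_begin of every FDE whose code was moved from [old_start, old_end) to new_start."""
    buf = bytearray(data)
    for pc_begin, _range, pc_off, enc in parse_eh_frame(data, section_vaddr):
        if old_start <= pc_begin < old_end:
            write_encoded(buf, pc_off, enc, section_vaddr, pc_begin - old_start + new_start)
    return bytes(buf)


def build_sample():
    """Constructed .eh_frame (not from a real binary): a 'zR' CIE with pcrel|sdata4 pointers and one
    FDE for a 0x40-byte function at 0x1000; the section is assumed to be loaded at 0x2000."""
    section_vaddr = 0x2000
    enc = DW_EH_PE_pcrel | DW_EH_PE_sdata4
    cie_body = (b"\0\0\0\0" + b"\x01" + b"zR\0"      # CIE id 0, version 1, augmentation
                + b"\x01" + b"\x78" + b"\x10"         # code align 1, data align -8, RA reg 16
                + b"\x01" + bytes([enc])              # augmentation data: FDE pointer encoding
                + b"\x0c\x07\x08" + b"\x90\x01")      # DW_CFA_def_cfa rsp+8; DW_CFA_offset r16
    cie_body += b"\0" * (-len(cie_body) % 4)          # DW_CFA_nop padding
    cie = struct.pack("<I", len(cie_body)) + cie_body
    fde_start, pc_field = len(cie), len(cie) + 8
    fde_body = (struct.pack("<I", fde_start + 4)                          # CIE pointer
                + struct.pack("<i", 0x1000 - (section_vaddr + pc_field))  # pc_begin (pcrel)
                + struct.pack("<i", 0x40) + b"\0"                         # pc_range, aug len 0
                + b"\x41\x0e\x10\x43\x0d\x06")   # advance 1; cfa ofs 16; advance 3; cfa reg rbp
    fde_body += b"\0" * (-len(fde_body) % 4)
    fde = struct.pack("<I", len(fde_body)) + fde_body
    return cie + fde + b"\0\0\0\0", section_vaddr


if __name__ == "__main__":
    data, vaddr = build_sample()
    print("before:", [(hex(b), hex(r)) for b, r, _, _ in parse_eh_frame(data, vaddr)])
    moved = relocate_fdes(data, vaddr, 0x1000, 0x1040, 0x5000)
    print("after: ", [(hex(b), hex(r)) for b, r, _, _ in parse_eh_frame(moved, vaddr)])
```

Running the block prints the FDE's range before and after the function is moved from 0x1000 to 0x5000; because the pointer is pc-relative, the stored field changes even though the table itself did not move, which is exactly the bookkeeping a rewriter gets wrong if it copies .eh_frame verbatim.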
